Hero

The Truth About Facebook and Instagram’s Data Privacy Policies

When it comes to data privacy, is Facebook friend or foe? We think the latter. This blog dives into Facebook’s exploitative data practices in targeted advertising, misleading privacy policy, and why its business model and strategies separates them from the other social media giants.

Boasting over 2.9 billion monthly core family product users in the second quarter of 2021, it is no secret that Facebook's platforms dominate the social media landscape. Nevertheless, the vast revenue Facebook generates from advertising to their users may surprise you, with Facebook posting $84.2 billion in advertising revenue in FY 2020 (which accounts for 98% of the company's total revenue). Evidently, millions of companies think Facebook is the ideal place to market themselves and their products. In fact, Facebook was named the number one social media marketing platform in the 2019 Social Media Marketing Industry Report.

So why have we at cogify decided to delete our Facebook* and Instagram accounts, alongside removing them entirely from our advertising strategy? Without sounding overly self-righteous, the short answer is ‘ethical principle’.

(*Note that Facebook owns the four most downloaded apps of the century, (Facebook, Messenger, Whatsapp and Instagram) when we refer to ‘Facebook’ we are referring to the collective data monopoly, so as to avoid listing out each platform every time. Correspondingly, we as a company avoid using all four of these platforms.)

Our View

At cogify, we strongly believe that technology should further entrench our rights and freedoms as a society, not negate them. Whether using blockchain technology to improve data security or architecting a new cloud system to better mobilise information accessibility, technology should always be used as a positive force for humanity. As such, we believe strongly in the values of data privacy, protection of personal data, and open-source software, thus are vehemently opposed to using technology for exploitative practices which create an unhealthy relationship between users and the digital world.

So the question is, how has Facebook violated these values?

Data Privacy

In a previous article on data privacy, we talked about how companies, such as Facebook, generate income through targeted advertising. When we use Facebook applications, we like, share and browse, which reveals our interests. Facebook is also used to log into a huge number of brand websites and can access your external search cookies if you are logged in at the time. The collation of this huge amount of personal data creates a disturbingly accurate digital profile of a user, facilitating Facebook’s offer to advertising groups, allowing them to target specific audiences. Indeed, on their Facebook for Business page, they claim this includes location, demographics (age, gender etc.), interests, behaviour (prior purchases etc.), income brackets and connections (followers included or excluded etc). This offer has been hugely popular with marketers, with Facebook reporting over ten million businesses advertising on their main platform alone.

Okay, so what?

Well, the problem with this is privacy infringement. In profiting off our likes, cookies and browser history, Facebook is exploiting personal data at the cost of the individual's right to data privacy, which alongside going against our company principles, is a fundamental UN right.

Naturally, Facebook claims that they have gained explicit user permission to share this information, and are innocent of any such accusations. The facts suggest otherwise. A Pew Research study found that 74% of Facebook users claim not to have known that their traits and interests were collated in this way before the study itself, and a further 51% said they were not comfortable with Facebook compiling this information at all. If this is a genuine attempt at gaining ‘explicit permission’, then clearly Facebook is doing an awful job. Rather, it seems that Facebook's cryptic terms and conditions, which the user originally signs up to, are not simply ‘poor effort’, but are a calculated move to avoid user backlash on Facebook’s handling of their personal data.

Of course, Facebook isn't the only company that conceals important information in their T&C’s, but few others can say they do it on Facebook's scale.

Facebook also assures its users that their data is entirely anonymised when it is sold to marketers, so the data cannot be traced back to the individuals in question. However, some studies have concluded that the ability to cross-reference the data means this technique cannot guarantee identity and data privacy. Indeed, researchers led by Luc Rocher at UCLouvain, assessed that their results ‘reject the claims that, first, reidentification is not a practical risk and, second, sampling or releasing partial datasets provide plausible deniability.’ This suggests that the threat of identification remains real for Facebook's users.

However, what separates Facebook from the other data monopolies is the size of their data privacy scandals: a key example being the 2018 Cambridge Analytica affair. This involved the leak of 87 million Facebook users’ data to be sold for targeted political advertising. Further, the Times reported that tranches of raw data continued to exist beyond Facebook’s dominion, meaning private data remains missing.

Facebook also has a unique history of not announcing its privacy policy changes in advance. Recent exposure and external pressures have forced changes to Facebook’s opaqueness, but their privacy policy changes remain just as frightening for users. A recent example of this is the proposed changes to Whatsapp's privacy policy, which has pushed millions to flee to alternative private messaging apps like Signal and Telegram. The exodus happened after widespread claims circulated that Facebook would now have access to the private content of Whatsapp user chats (which Facebook originally promised never to do). Whatsapp officials were quick to reject these claims, stating that the “policy update does not affect the privacy of your messages with friends or family in any way.” Nonetheless, the real data privacy problem is rooted further back in 2016; when Whatsapp decided that personal user data will be used going forwards to boost the commercial offering of Whatsapp as a shopping platform.

Whatsapp managed to further embarrass themselves when calling out Apple’s ‘iMessage’ in response to Apple’s demand for ‘privacy labels’ on apps in its store. These ‘privacy labels’ were requested to increase transparency over data collation, allowing users to see in advance of downloading what data types an app will collect. The embarrassment followed when Apple responded to Whatsapp’s accusations by posting what data they collect in ‘iMessage’, which is dwarfed by the amount gathered by Whatsapp (see below):

On the left, a list of data linked to you on iMessage, and on the right, a list of data linked to you from Whatsapp

WhatsApp vs iMessage: Personal data collection Source: Forbes

The comparison further added to the growing opinion that Facebook and its companies are key culprits of data exploitation. Despite promising to do a better job going forward, the company has received strong public criticism over user data privacy infractions concerning its plans for its own cryptocurrency, Libra. The condemnation came from top data protection officials across the globe, who ‘voiced concerns about the combination of “vast reserves” of personal data and financial information in the Libra proposal.’ The worst may be yet to come.

Why not Twitter, LinkedIn and Google?

Okay, so you might ask why we have solely focused on Facebook? Why have we still got Twitter and LinkedIn accounts, and why have we not stripped Google search from our business functions as well? Surely, they are all guilty of privacy transgressions in the same way?

Well in many ways, yes, but here's why we don't think all data collections should be treated in the same regard. Let’s start with Twitter.

Twitter is a popular social network like Facebook, but also different in many ways. Its power lies in trends, built up of the opinions of the masses grouped together. As summarised by the Economist, it is a modern-day “speakers corner” where general discussion can be held between all users. On the other hand, Facebook’s model replicates one-to-one relationships, such as between friends, family, colleagues etc. In practice, this means Facebook can gain far more personal data and insights about its users, as they are far more engaged with one another directly in comparison with Twitter. Alongside the obvious difference in size, this distinction goes a long way in explaining why Facebook generated 21 times the revenues of Twitter in 2019. As such, Twitter's model alone distinguishes them with regards to personal data collected from the likes of Facebook.

The second platform in question, LinkedIn, is more comparable to Facebook in how its articles are shared in its feed, offering ‘comment’ and ‘like’ features just like the giant. LinkedIn also generates most of its income from targeted advertising, despite offering a premium subscription service. However, LinkedIn’s strong focus on being a ‘platform for professionals’ means its whole model surrounds posts and engagement designed for the professional public sphere. As summarised in a Computerworld article, “Facebook is for sharing private information with friends...while LinkedIn is for sharing professional information with acquaintances”. Given the cautious attitude of Job Seekers, who are looking to impress potential employers, we would suggest then that the personal data used by LinkedIn is far closer to a representation of what we are happy for the public companies to access; than on our private Facebook, Whatsapp or Instagram networks. So whilst we encourage users to adjust their LinkedIn settings to opt-out of targeted advertising based on personal data, we feel LinkedIn’s corporate environment resists the ‘privacy invasion’ label that we would hand to Facebook.

So what about Google, the company that currently sits atop the advertising throne, generating 146.9 billion USD from targeted advertising in 2020, 80.5% of their entire revenue. They amass personal information in similar ways to Facebook and benefit from the exercise obscenely as well. Surely we can't condone their practices either?

Whilst we do not condone Google's targeted advertising practices, a difference is that Google gains personal information as a bi-product of offering an extremely useful service. Whether it be their extremely popular search engine or their Google Maps, Google has a clear product that is of utility to the consumer. What do they get in return? A record of our search results etc. We feel that this is a less abusive user relationship compared to the likes of Facebook. Whilst Facebook is undoubtedly a useful tool for many, mostly used to communicate with one another and to post on individual feeds, our data is not collected as a result of using tools like Internet browsers. Instead, personal data is targeted by the firm without offering just utility in return; such as through ‘like suggestions’, accessing our general browser searches and the now ‘paused’ listening functions, to name but a few. We feel there's something far more sinister about Facebook’s approach.

If that hasn't convinced you of the difference between the two, recent events may help illustrate Facebooks ‘exploitative disposition’ a little better.

Google and Facebook have both been recently involved in a high stakes row with the Australian government, over payments to news outlets online. As reported by The Week, the government is keen to force the firms to pay news organisations for stories shared on its platforms. The background behind this move relates to the ongoing struggles of journalists online, who fail to generate sufficient revenue from Google and Facebook's unpaid links to their articles. For some context, the Guardian reported that for every $100 of online advertising spend, $53 goes to Google, $28 to Facebook and $19 to everyone else. Journalists are struggling.

After much debate, Google agreed to strike a deal with some of Australia's biggest publishers, in a $30 million annual payment. But Facebook? Like swatting a fly with a sledgehammer, Facebook followed through with their threats to pull the plug on the entire nation. Overnight, Facebook blocked 17 million Australian users from accessing news articles via the site, disallowed the sharing of articles originating from the country and ‘accidentally’ shut down pages belonging to emergency services and helplines.

Facebook’s domineering reputation is reflected in recent events. Indeed, Facebook took part in the biggest US legal battle in decades this year, with the New York attorney general heading up the attack accusing Facebook of utilising ‘dominance and monopoly power to crush smaller rivals, snuff out competition, all at the expense of everyday users.’ Despite being dismissed, we feel both this case, and the prior example, are testament to Facebook’s immense monopolous power, but also serve as proof of their willingness to wield this force maliciously.

Fake News

960x0.jpg

Facebook is a major source of online fake news Source: Getty Images

To wrap up this blog, it's worth touching on one more subject that has become infamously linked to Facebook, ‘Fake News’. Fake news is the phenomenon of presenting false or misleading information as reliable news, (pretty self-explanatory really). Though this is a problem that plagues all social media platforms, Facebook is particularly guilty of enabling this activity. Indeed, a study published in the journal ‘Nature: Human Behaviour’, found that Facebook referred users to ‘untrustworthy news sources over 15% of the time in the run-up to the 2016 presidential election’, whilst only referring users to authoritative news sites 6% of the time in the same period. This poor performance easily trumped equivalent findings for other tech giants, such as Google: (3.3% untrustworthy news versus 6.2% hard news) and Twitter: (1% untrustworthy versus 1.5% hard news). A recent example of the dangers of Facebook's fling with fake news is with vaccine misinformation, with the BBC reporting that ‘Facebook accounts promoting false information about vaccines saw a boost in followers in Brazil, Mexico, India, Ukraine, France, Tanzania and Kenya over the past year.’ Another survey from the ‘Nature: Human behaviour’ journal suggested that the effect of such misinformation has ‘induced a decline in intent of 6.2 percentage points (95th percentile interval 3.9 to 8.5) in the UK and 6.4 percentage points (95th percentile interval 4.0 to 8.8) in the USA among those who stated that they would definitely accept a vaccine.’

In real terms then, Facebook's status as the fastest spreader of fake news is having real-world consequences, like obstructing the stop of covid-19.

So why is Facebook guilty here?

Well, the answer is because they are doing very little to halt the spread of fake news, compared to the likes of Twitter etc.

Twitter started working with the NHS and other world health organisations in late 2018, in an effort to ensure that searches about vaccines etc lead to reliable news sources. They then built on this methodology going forward in the context of covid-19, alongside challenging 11.5 million accounts about corona disinformation. More famously, Twitter labelled and removed tweets by ex-president Trump which suggested injecting bleach to tackle the coronavirus, due to the mass harm this wild speculation might cause. They also did a similar thing to Trump's tweet which incited violence during the Black Lives Matter protests that swept across the USA last year.

Facebook was quick to condemn Twitter’s actions as an infringement of free speech, with Mark Zuckerberg stating that he would never follow Twitter's editorial direction. Now without delving into a debate about freedom of speech, we think it is clear to say that Facebook’s unwillingness to commit to similar action may well explain its strong link to fake news. United States Senator Elizabeth Warren demonstrated the extent of Facebook's problem by deliberately paying for a series of fake Facebook ads. These ads had titles like: ‘Breaking news: Mark Zuckerberg and Facebook just endorsed Donald Trump for re-election.’ Once the ads were successfully uploaded (without being vetted for their false content), Warren took to social media to accuse Facebook of selling out and giving persons, like Trump, ‘free reign to lie’ in exchange for money. Her ads stand as evidence that Facebook doesn't even vet ‘self-detrimental’ content, let alone general fake news.

In summary, Facebook is not only the biggest spreader of fake news but seem to be the least willing to combat it as well.

Conclusion

We at cogify don’t feel that all data collation firms should be held in the same regard. We feel Facebook's exploitative advertising practices, which infringe upon basic privacy rights, distinguish them in ways we as a company cannot condone nor associate with. They fundamentally violate our belief in a balanced relationship between user and tech, as they offer their service at the discreet but extortionate cost of our online data privacy.

This exploitative practice also transgresses our hope for greater open-source software, as the cost to the user is far too high to justify the service they provide. Further, Facebook's toxic relationship with ‘Fake News’ distinguishes them as a particularly cynical company. Given all this, Facebook will play no part in our business going forward.

Get in touch via Linkedin or Twitter if you have a take on the topic.

an infographic with DeFi in the middle

DeFi

DeFi is short for decentralized finance which includes digital assets, protocols, smart contracts, and decentralized apps (dAps) built on the blockchain. The system eliminates banks' and institutions' control over money, financial products, and financial services.

Learn more
[java script logo in yellow on a dark red background]

Dissecting Javascript: Frameworks and their uses

Javascript is commonly used in web development, but how is it actually implemented to build the modern websites? How Frameworks do Javascript developers use to craft a proficient product? These are some of the questions this blog strives to answer. It attempts to explain the versatility and utility of Javascript?

Learn more
Cybersecurity: Definition, types and steps to prevent cyberattacks.

Cybersecurity: Definition, types and steps to prevent cyberattacks.

Nowadays, data and information access are the main war resources. Cyberattacks have emerged because of how important it is to take control of confidential data. This blog discusses what is cybersecurity, its types, and how to protect yourself or your business from hackers and cybercrime.

Learn more
[Three people discussing at a table with an open laptop on the table]

Top 30 Questions to Ask Software Developers

Ever wonder why software development projects can feel challenging? It is frequently down to a lack of understanding between clients and developers about the project specifics and vision.

Learn more
[A woman with headphone smiling while looking at her computer and writing a note down down].

Explaining Back-end and Front-end Development.

What are the key tech stacks and what do they mean for software development projects? This blog post distils down the tech stacks known as front-end and back-end development to provide clarity and deepen understanding for those who may be unfamiliar with these concepts.

Learn more
[A group of people applauding in an office]

The Truth About Facebook and Instagram’s Data Privacy Policies

When it comes to data privacy, is Facebook friend or foe? We think the latter. This blog dives into Facebook’s exploitative data practices in targeted advertising, misleading privacy policy, and why its business model and strategies separates them from the other social media giants.

Learn more

Privacy Policy

Terms & conditions